<?php

// Bootstrap: pageLoad.php is expected to supply loginRequired() and the session handling used below.
require_once 'functions/pageLoad.php';
loginRequired();

// $_SESSION['user'] is an underscore-delimited string; its first segment is used as the user id.
// NOTE(review): $user_id is interpolated into SQL further down without escaping, which is only
// safe while the session value is generated server-side - confirm in the login code.
$user_session = explode('_', $_SESSION['user']);
list($user_id) = $user_session;

$page_title = 'Personal details';

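if ($_SERVER['REQUEST_METHOD'] == 'POST') {

	// Handles the submitted personal-details form: validate, then update users (and, when the
	// address changed, insert a new addresses row and point the user at it).
	//
	// Database failures are written to the error log and the visitor gets a generic message;
	// the query text and mysql_error() are no longer echoed to the browser.
	//
	// NOTE(review): nothing in this file checks an anti-CSRF token, and the password written
	// below is whatever was typed into password1 - it is never compared with the stored one.
	// Unless pageLoad.php enforces both elsewhere, this request can change the account's email
	// and password without proof that the real user intended it. Confirm and add
	// re-authentication plus a per-session token.

	// One <li> is appended per validation failure; an empty string means the input is acceptable.
	$fail = '';

	$email_regex = "/^[^@]+@([-\w]+\.)+[A-Za-z]{2,4}$/i";
	$postcode_regex = "/^([A-PR-UWYZa-pr-uwyz]([0-9]{1,2}|([A-HK-Ya-hk-y][0-9]|[A-HK-Ya-hk-y][0-9]([0-9]|[ABEHMNPRV-Yabehmnprv-y]))|[0-9][A-HJKS-UWa-hjks-uw])\ {0,1}[0-9][ABD-HJLNP-UW-Zabd-hjlnp-uw-z]{2}|([Gg][Ii][Rr]\ 0[Aa][Aa])|([Ss][Aa][Nn]\ {0,1}[Tt][Aa]1)|([Bb][Ff][Pp][Oo]\ {0,1}([Cc]\/[Oo]\ )?[0-9]{1,4})|(([Aa][Ss][Cc][Nn]|[Bb][Bb][Nn][Dd]|[BFSbfs][Ii][Qq][Qq]|[Pp][Cc][Rr][Nn]|[Ss][Tt][Hh][Ll]|[Tt][Dd][Cc][Uu]|[Tt][Kk][Cc][Aa])\ {0,1}1[Zz][Zz]))$/i";

	// Duplicate-email check. The form posts the address as "email1" (there is no "email" field),
	// so the lookup has to use email1, transformed the same way as the value the UPDATE stores.
	$sql = "SELECT id FROM users WHERE email = '".mysql_real_escape_string(stripslashes($_POST['email1']))."' AND id != '".$user_id."'";
	$query = mysql_query($sql);
	if ($query === false) {
		error_log('personal-details: duplicate email lookup failed: '.mysql_error());
		die('Sorry, your details could not be updated. Please try again later.');
	}
	$rows = mysql_num_rows($query);

	//Change By Vyas Ishan 14 May 2013 Task1
	#$fail.= (strlen($_POST['firstname']) == 0 || strlen($_POST['surname']) == 0) ? '<li>Name was not entered</li>' : '';
	$fail .= (strlen($_POST['firstname']) == 0) ? '<li>Name was not entered</li>' : '';

	$fail .= (strlen($_POST['telephone']) == 0) ? '<li>Telephone number not entered</li>' : '';
	$fail .= (strlen($_POST['telephone']) > 0 && !ctype_digit(str_replace(" ", "", $_POST['telephone']))) ? '<li>Invalid telephone number entered, please use numbers only</li>' : '';
	$fail .= (preg_match($email_regex, $_POST['email1']) == 0) ? '<li>Invalid email address entered</li>' : '';

	//Change By Vyas Ishan 14 May 2013 Task1
	#$fail.= ($_POST['email1'] != $_POST['email2']) ? '<li>Email addresses do not match</li>' : '';
	$fail .= ($rows > 0) ? '<li>An account already exists with that email address</li>' : '';

	// Both password fields are demanded whenever email1 is non-empty.
	$fail .= (strlen($_POST['email1']) > 0 && (strlen($_POST['password1']) == 0 || strlen($_POST['password2']) == 0)) ? '<li>Please enter your password twice to update your email address</li>' : '';
	$fail .= ((strlen($_POST['password1']) > 0 && strlen($_POST['password1']) < 6) || (strlen($_POST['password1']) > 0 && strlen($_POST['password1']) > 16)) ? '<li>Passwords must be 6-16 characters long</li>' : '';
	// Strict comparison: with != two different numeric-looking strings (e.g. "1000000" and "1e6")
	// compare equal, so a mistyped confirmation could be accepted.
	$fail .= ($_POST['password1'] !== $_POST['password2']) ? '<li>Passwords do not match</li>' : '';
	$fail .= (strlen($_POST['line_1']) == 0) ? '<li>Address was not entered</li>' : '';
	$fail .= (strlen($_POST['city']) == 0) ? '<li>City was not entered</li>' : '';

	//Change By Vyas Ishan 14 May 2013 Task1
	//$fail.= (preg_match($postcode_regex, str_replace(" ", "", $_POST['postcode'])) == 0) ? '<li>Invalid postcode entered</li>' : '';
	$fail .= (strlen($_POST['postcode']) == 0) ? '<li>Postcode was not entered</li>' : '';

	if (strlen($fail) > 0) {

		// Validation failed: report every problem and write nothing to the database.
		$results = '<p>Please correct the following errors;</p><ul>'.$fail.'</ul>';

	} else {

		// Validation passed: update the user row.

		// Defined up front so the UPDATE below never reads an unset variable.
		$password_update = '';

		if (strlen($_POST['password1']) > 0) {

			// NOTE(review): base64 is an encoding, not encryption, and MD5 is not a
			// password-hashing function - it is fast to brute-force offline. Moving to
			// password_hash()/password_verify() has to be coordinated with the login code,
			// which is not in this file, so the existing scheme is left untouched here.
			// The digest also depends on email1; presumably that is why the password is
			// required on every submission - confirm.
			$encrypt1 = base64_encode($_POST['password1'].'_'.$encryption_salt);
			$encrypt2 = md5($encrypt1.'_'.$_POST['email1'].'_'.$encryption_salt);

			$password_update = ", password = '".$encrypt2."'";

		}

		$sql = "SELECT mobile FROM users WHERE id = '".$user_id."'";
		$query = mysql_query($sql);
		if ($query === false) {
			error_log('personal-details: mobile lookup failed: '.mysql_error());
			die('Sorry, your details could not be updated. Please try again later.');
		}
		$rs = mysql_fetch_assoc($query);

		// A changed mobile number resets its verification state.
		$mobile_verified_change = (str_replace(" ", "", $_POST['mobile']) != $rs['mobile']) ? ", mobile_verified = '0', verification = ''" : '';

		//Change By Vyas Ishan 14 May 2013 Task 1
		// The surname input is commented out of the form, so it is usually absent from the POST.
		$surName = '';
		if (array_key_exists('surname', $_POST)) {
			$surName = mysql_real_escape_string(stripslashes($_POST['surname']));
		}

		$sql = "UPDATE users SET email = '".mysql_real_escape_string(stripslashes($_POST['email1']))."', firstname = '".mysql_real_escape_string(stripslashes($_POST['firstname']))."', surname = '".$surName."', telephone = '".mysql_real_escape_string(str_replace(" ", "", $_POST['telephone']))."', mobile = '".mysql_real_escape_string(str_replace(" ", "", $_POST['mobile']))."'".$password_update.$mobile_verified_change." WHERE id = '".$user_id."'";
		$query = mysql_query($sql);
		if ($query === false) {
			error_log('personal-details: user update failed: '.mysql_error());
			die('Sorry, your details could not be updated. Please try again later.');
		}

		// Compare the submitted address with the one currently linked to the user.
		$sql = "SELECT line_1, postcode FROM users
		LEFT JOIN addresses ON users.address_id = addresses.id
		WHERE users.id = '".$user_id."'";
		$query = mysql_query($sql);
		if ($query === false) {
			error_log('personal-details: current address lookup failed: '.mysql_error());
			die('Sorry, your details could not be updated. Please try again later.');
		}
		$rs = mysql_fetch_assoc($query);

		if ($_POST['line_1'] != $rs['line_1'] || $_POST['postcode'] != $rs['postcode']) {

			// Geocode the new address.
			// NOTE(review): the request travels over plain HTTP and carries both the API key and
			// the user's address, and this looks like the legacy v2 geocoder endpoint - confirm
			// it still answers and move it to HTTPS.
			$address = $_POST['line_1'].",".$_POST['line_2'].",".$_POST['line_3'].",".$_POST['postcode'];
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, "http://maps.google.com/maps/geo?q=".urlencode($address)."&output=csv&oe=utf8&sensor=false&key=".$settings['google_api_key']);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			$output = curl_exec($ch);
			curl_close($ch);

			// The response body comes from the network, so it is untrusted: tolerate a failed or
			// short reply and escape both coordinates before they reach the INSERT.
			$outputArr = ($output === false) ? array() : explode(",", $output);
			$longitude = isset($outputArr[3]) ? $outputArr[3] : '';
			$latitude = isset($outputArr[2]) ? $outputArr[2] : '';

			$sql = "INSERT INTO addresses (user_id, area_id, line_1, line_2, line_3, postcode, longitude, latitude) VALUES ('".$user_id."', '".mysql_real_escape_string($_POST['city'])."', '".mysql_real_escape_string(stripslashes($_POST['line_1']))."', '".mysql_real_escape_string(stripslashes($_POST['line_2']))."', '".mysql_real_escape_string(stripslashes($_POST['line_3']))."', '".mysql_real_escape_string($_POST['postcode'])."', '".mysql_real_escape_string($longitude)."', '".mysql_real_escape_string($latitude)."')";
			$query = mysql_query($sql);
			if ($query === false) {
				error_log('personal-details: address insert failed: '.mysql_error());
				die('Sorry, your details could not be updated. Please try again later.');
			}
			$address_id = mysql_insert_id();

			// Point the user at the address row that was just inserted.
			$userUpdate = "UPDATE users SET address_id = '".$address_id."' WHERE id = '".$user_id."'";
			$userResult = mysql_query($userUpdate);
			if ($userResult === false) {
				error_log('personal-details: address link update failed: '.mysql_error());
				die('Sorry, your details could not be updated. Please try again later.');
			}

		}

		$results = '<p style="color: #009900;"><strong>Your details have been updated successfully!</strong></p>';

	}

} else {

	// Not a POST: load the stored details and copy them into $_POST, which the form reads its
	// field values from.
	$results = '';

	$sql = "SELECT firstname, surname, telephone, email, mobile, line_1, line_2, line_3, area_id, postcode 
		FROM users 
		LEFT JOIN addresses ON users.address_id = addresses.id 
		WHERE users.id = '".$user_id."'";
	$query = mysql_query($sql);
	if ($query === false) {
		error_log('personal-details: profile lookup failed: '.mysql_error());
		die('Sorry, your details could not be loaded. Please try again later.');
	}
	$rs = mysql_fetch_assoc($query);

	$_POST['firstname'] = $rs['firstname'];

	//Change By Vyas Ishan 14 May 2013 Task1
	#$_POST['surname'] = $rs['surname'];

	$_POST['telephone'] = $rs['telephone'];
	$_POST['mobile'] = $rs['mobile'];
	$_POST['email1'] = $rs['email'];
	$_POST['line_1'] = $rs['line_1'];
	$_POST['line_2'] = $rs['line_2'];
	$_POST['line_3'] = $rs['line_3'];
	$_POST['city'] = $rs['area_id'];
	$_POST['postcode'] = $rs['postcode'];
	// Echoed into the hidden original_email field of the form.
	$original_email = $rs['email'];

}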

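// Build the Town/City <select> from the areas table, pre-selecting the area held in $_POST['city'].

	$sql = "SELECT id, area FROM areas ORDER BY area";
	$query = mysql_query($sql);
	if ($query === false) {
		// Keep the database error in the log; the visitor only gets a generic message.
		error_log('personal-details: area list lookup failed: '.mysql_error());
		die('Sorry, this page could not be loaded. Please try again later.');
	}

	$area_dropdown = '<select name="city" id="city" style="color: #000000; font-style: normal;"><option value="">Please select</option>';

	while ($rs = mysql_fetch_assoc($query)) {
		$selected = ($rs['id'] == $_POST['city']) ? ' selected="selected"' : '';
		// Both the id (attribute value) and the label are escaped before they are written into markup.
		$area_dropdown .= '<option value="'.htmlspecialchars($rs['id'], ENT_QUOTES).'"'.$selected.'>'.htmlspecialchars($rs['area']).'</option>';
	}

	$area_dropdown .= '</select>';

// Page chrome that precedes the form.
include('includes/meta.php');
include('includes/header.php');
include('includes/navigation.php');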

?>

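<?php
/*
 * Personal-details form template.
 *
 * Every value written into an HTML attribute is passed through htmlspecialchars(): on a
 * failed submission the fields are refilled from the raw POST data, and on a normal page
 * load from database columns, so neither may be emitted unescaped. $results is markup
 * assembled by the handler above from fixed strings and is printed as-is.
 *
 * NOTE(review): the form carries no anti-CSRF token. Unless one is enforced elsewhere,
 * add a per-session token here and verify it in the POST handler.
 */
?>
<h1>Personal details</h1>

<?php echo $results; ?>

<div id="error_div" style="display: none;"></div>

<div id="email_change" style="display: none; font-size: 12px;"><span style="color: #cc0000;"><strong>You have changed your email address, please enter your password.</strong></span></div>

<p class="noTop">Please make the relevant changes to your information and click update to update your information.</p>

<form method="post" action="/personal-details" id="personal-details" autocomplete="off">

<input type="hidden" id="form" name="form" value="personal-details" style="display: none;" />

<div id="registration_form">

<div id="name_wrap">

<div class="rowWrapper" id="firstname_wrap">
<div class="rowLeft"><label for="firstname">First name:</label></div>
<div class="rowRight"><input type="text" name="firstname" id="firstname" class="textbox" value="<?php echo htmlspecialchars($_POST['firstname'], ENT_QUOTES); ?>" /></div>
</div>

<?php /*//Change By Vyas Ishan 14 May 2013 Task1?>
<div class="rowWrapper" id="surname_wrap">
<div class="rowLeft"><label for="surname">Surname:</label></div>
<div class="rowRight"><input type="text" name="surname" id="surname" class="textbox" value="<?php echo $_POST['surname']; ?>" /></div>
</div>
<?php */?>

</div>

<div id="number_wrap">

<div class="rowWrapper" id="telephone_wrap">
<div class="rowLeft"><label for="telephone">Telephone:</label></div>
<div class="rowRight"><input type="text" name="telephone" id="telephone" class="textbox" value="<?php echo htmlspecialchars($_POST['telephone'], ENT_QUOTES); ?>" /></div>
</div>

<div class="rowWrapper" id="mobile_wrap">
<div class="rowLeft"><label for="mobile">Mobile:</label></div>
<div class="rowRight"><input type="text" name="mobile" id="mobile" class="textbox" value="<?php echo htmlspecialchars($_POST['mobile'], ENT_QUOTES); ?>" /></div>
</div>

</div>

<div id="email_wrap">

<?php /* $original_email is only assigned on a non-POST page load, so fall back to an empty value. */ ?>
<input type="hidden" name="original_email" id="original_email" value="<?php echo htmlspecialchars(isset($original_email) ? $original_email : '', ENT_QUOTES); ?>" />

<div class="rowWrapper" id="email1_wrap">
<div class="rowLeft"><label for="email1">Email address:</label></div>
<div class="rowRight"><input type="text" name="email1" id="email1" class="textbox" value="<?php echo htmlspecialchars($_POST['email1'], ENT_QUOTES); ?>" /></div>
</div>

<?php /*//Change By Vyas Ishan 14 May 2013 Task1?>
<div class="rowWrapper" id="email2_wrap">
<div class="rowLeft"><label for="email2">Confirm email:</label></div>
<div class="rowRight"><input type="text" name="email2" id="email2" class="textbox" value="" /></div>
</div>
<?php */?>


</div>

<div id="password_wrap">

<div class="rowWrapper" id="password1_wrap">
<div class="rowLeft"><label for="password1">Password:</label></div>
<div class="rowRight"><input type="password" name="password1" id="password1" class="textbox" /></div>
</div>


<div class="rowWrapper" id="password2_wrap">
<div class="rowLeft"><label for="password2">Confirm password:</label></div>
<div class="rowRight"><input type="password" name="password2" id="password2" class="textbox" /></div>
</div>
</div>


<div id="address_wrap" style="border-bottom: none;">

<div class="rowWrapper" id="line_1_wrap">
<div class="rowLeft"><label for="line_1">Address line 1:</label></div>
<div class="rowRight"><input type="text" name="line_1" id="line_1" class="textbox" value="<?php echo htmlspecialchars($_POST['line_1'], ENT_QUOTES); ?>" /></div>
</div>

<div class="rowWrapper" id="line_2_wrap">
<div class="rowLeft"><label for="line_2">Address line 2:</label></div>
<div class="rowRight"><input type="text" name="line_2" id="line_2" class="textbox" value="<?php echo htmlspecialchars($_POST['line_2'], ENT_QUOTES); ?>" /></div>
</div>

<div class="rowWrapper" id="line_3_wrap">
<div class="rowLeft"><label for="line_3">Address line 3:</label></div>
<div class="rowRight"><input type="text" name="line_3" id="line_3" class="textbox" value="<?php echo htmlspecialchars($_POST['line_3'], ENT_QUOTES); ?>" /></div>
</div>

<div class="rowWrapper" id="city_wrap">
<div class="rowLeft"><label for="city">Town/City:</label></div>
<div class="rowRight"><?php echo $area_dropdown; ?></div>
</div>

<div class="rowWrapper" id="postcode_wrap">
<div class="rowLeft"><label for="postcode">Postcode:</label></div>
<div class="rowRight"><input type="text" name="postcode" id="postcode" class="textbox" value="<?php echo htmlspecialchars($_POST['postcode'], ENT_QUOTES); ?>" style="width: 80px;" /></div>
</div>

<div class="rowWrapper">
<div class="rowLeft">&nbsp;</div>
<div class="rowRight"><input type="image" src="/images/update_button.gif" alt="Update"></div>
</div>

</div>

</div>

</form>

<div style="display: none;"><img src="images/tick.png" alt="" /><img src="images/cross.png" alt="" /></div>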

<?php

// Closing page chrome: the right-hand column first, then the footer.
include 'includes/rightColumn.php';
include 'includes/footer.php';

?>